H4rm0ny
220 posts
H4rm0ny
@mared_washwesh
إِنَّ اللّهَ لاَ يُغَيِّرُ مَا بِقَوْمٍ حَتَّى يُغَيِّرُواْ مَا بِأَنْفُسِهِمْ
Flying Katılım Aralık 2021
1.5K Takip Edilen188 Takipçiler
I just solved DevHub on Hack The Box! labs.hackthebox.com/achievement/ma… #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting
English
"professional is here"
@hackthebox_eu #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting
English
[CyberWarFare Labs] I just completed the "Shiro" challenge on @cyberwarfarelab Infinity Platform 🎯 Earned 30 points in on_premise domain. #CloudSecurity #ChallengeCompleted infinity.cyberwarfare.live/on_premise/onp…
English
I just solved Reactor on Hack The Box! labs.hackthebox.com/achievement/ma… #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting
season 11 is going to be on fire
English
[CyberWarFare Labs] I just completed the "On-Premise-09: notificationx" challenge on @cyberwarfarelab Infinity Platform 🎯 Earned 20 points in on_premise domain. #CloudSecurity #ChallengeCompleted infinity.cyberwarfare.live/on_premise/onp…
writeup: notion.so/infinity-learn…
English
[CyberWarFare Labs] I just completed the "On-Premise-03: Abusing Laravel Ignition Package Vulnerability" challenge on @cyberwarfarelab Infinity Platform 🎯 Earned 10 points in on_premise domain. #CloudSecurity #ChallengeCompleted infinity.cyberwarfare.live/on_premise/onp… الحق قبل الاشتراك ما ينتهي
H4rm0ny retweetledi
labs.hackthebox.com/achievement/se… #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting started late GG
looking for new goal the next season
English
6 months ago I started this journey.
Today I'm officially CPTS certified. 🥳
One of the hardest cybersecurity certificates on the market (harder than OSCP).
Now looking for my first role in offensive security.
If you have questions about the exam or anything, my DMs are open.
English
I found a stored XSS vulnerability in @LenisSmooth that affected 800,000+ weekly npm downloads across Next.js, Nuxt, and SvelteKit deployments.
Fixed in v1.3.22. Assigned CVE-2026-41251.
If you're using Lenis — please update now.
#BugBounty #XSS #WebSecurity #OpenSource #CVE
𝗗𝘀𝗼𝗸𝗲𝗩🧑💻@DsokeyyV
تم Accepted ✅ وفي انتظار أول CVE😍😍
English
H4rm0ny retweetledi
Red Team Roadmap 🔴🎯
├── Foundations
│ ├── Networking Basics
│ │ ├── TCP/IP & Protocol Exploitation
│ │ ├── DNS & DHCP Attacks
│ │ ├── Subnetting & Network Mapping
│ │ └── Topology Enumeration
│ ├── Operating Systems
│ │ ├── Windows
│ │ │ ├── Active Directory Enumeration & Attacks
│ │ │ ├── Group Policy Exploitation
│ │ │ └── Event Log Evasion
│ │ └── Linux
│ │ ├── File Permission Exploits
│ │ ├── Syslog Manipulation
│ │ └── Scripting (Bash, Python, PowerShell)
│ └── Cybersecurity Core
│ ├── Attack Surface Analysis
│ ├── Threat Modeling (MITRE ATT&CK)
│ ├── Exploit Development Basics
│ └── Common Attack Vectors
├── Threat Intelligence
│ ├── OSINT
│ │ ├── Tools (Maltego, Recon-ng, SpiderFoot)
│ │ └── Data Sources (Shodan, Censys, WHOIS)
│ ├── Reconnaissance
│ │ ├── Passive & Active Recon
│ │ ├── Social Engineering Techniques
│ │ └── Target Profiling
│ └── IOCs Evasion
│ ├── Obfuscating IPs, Domains, Hashes
│ └── File Signature Manipulation
├── Offensive Operations
│ ├── Exploitation
│ │ ├── Tools (Metasploit, Cobalt Strike)
│ │ ├── Vulnerability Exploitation (Exploit-DB, Custom Exploits)
│ │ └── Payload Development
│ ├── Post-Exploitation
│ │ ├── Privilege Escalation
│ │ ├── Lateral Movement
│ │ └── Persistence Techniques
│ ├── Evasion
│ │ ├── AV/EDR Bypass
│ │ └── Log Evasion & Obfuscation
│ └── Network Attacks
│ ├── MITM (ARP Spoofing, SSL Stripping)
│ └── Protocol Exploitation
├── Vulnerability Exploitation
│ ├── Vulnerability Discovery
│ │ ├── Tools (Burp Suite, Nmap)
│ │ └── Manual Testing Techniques
│ ├── Exploit Development
│ │ ├── Writing Custom Exploits
│ │ └── Shellcode Basics
│ └── Configuration Exploits
│ ├── Misconfiguration Identification
│ └── Exploiting Weak Configurations
├── Identity & Access Attacks
│ ├── Credential Harvesting
│ │ ├── Phishing & Keylogging
│ │ └── Password Cracking (Hashcat, John the Ripper)
│ ├── Privilege Escalation
│ │ ├── Exploiting Misconfigured RBAC/ABAC
│ │ └── Bypassing MFA/SSO
│ └── Identity Spoofing
│ ├── Token Impersonation
│ └── Account Takeover
├── Network & Architecture Attacks
│ ├── Network Exploitation
│ │ ├── Bypassing VLANs & Firewalls
│ │ └── Attacking Microsegmentation
│ ├── Zero Trust Evasion
│ │ ├── Bypassing Identity Checks
│ │ └── Exploiting Trust Misconfigurations
│ └── Encryption Attacks
│ ├── Weak TLS/SSL Exploitation
│ └── VPN Vulnerabilities
├── Social Engineering
│ ├── Phishing Campaigns
│ │ ├── Email & Vishing Attacks
│ │ └── Payload Delivery
│ └── Pretexting
│ ├── Impersonation Techniques
│ └── Social Engineering Frameworks
├── Compliance & Governance Evasion
│ ├── Audit Evasion
│ │ ├── Bypassing Audit Trails
│ │ └── Log Tampering
│ └── Policy Exploitation
│ ├── Exploiting Weak Policies
│ └── Circumventing Compliance Controls
├── Advanced Offensive Techniques
│ ├── Advanced Persistence
│ │ ├── Rootkits & Backdoors
│ │ └── Living Off the Land (LotL)
│ ├── Adversary Simulation
│ │ ├── Purple Teaming
│ │ └── ATT&CK Framework Emulation
│ └── Custom Tooling
English